Discussion Week 1
School: Lone Star College System, Woodlands
Course: 1337
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 3
Uploaded by GrandKoupreyPerson510
Research a cybersecurity tool that you will spend the semester
learning about in-depth. It should be something you can
purchase and install for a corporation. Here are some ideas to
get you started. Once chosen, write up a paragraph on which
tool you selected and why you chose that one.
Cybersecurity Analysts use a variety of tools in their jobs,
which can be organized into a few categories: network
security monitoring, encryption, web vulnerability, penetration
testing, antivirus software, network intrusion detection, and
packet sniffers.
Network security monitoring tools
These tools are used to analyze network data and detect
network-based threats. Examples of tools include Argus,
Nagios, P0f, Splunk, and OSSEC.
Encryption tools
Encryption protects data by scrambling text so that it is
unreadable to unauthorized users. Examples of tools include
Tor, KeePass, VeraCrypt, NordLocker, AxCrypt, and TrueCrypt.
Web vulnerability scanning tools
These software programs scan web applications to identify
security vulnerabilities including cross-site scripting, SQL
injection, and path traversal. Examples of tools include Burp
Suite, Nikto, Paros Proxy, and SQLMap.
Penetration testing
Penetration testing, also known as a "pen test", simulates an
attack on a computer system in order to evaluate the security
of that system. Examples of penetration testing tools include
Metasploit, Kali Linux, Netsparker, and Wireshark.
Antivirus software
This software is designed to find viruses and other harmful
malware, including ransomware, worms, spyware, adware, and
Trojans. Examples of tools include Norton 360, Bitdefender
Antivirus, Norton AntiVirus, Kaspersky Anti-Virus, and McAfee
Total Protection.
Network intrusion detection
An Intrusion Detection System (IDS) monitors network and
system traffic for unusual or suspicious activity and notifies
the administrator if a potential threat is detected. Examples of
tools include Snort, Security Onion, SolarWinds Security Event
Manager, Kismet, and Zeek.
Packet sniffers
A packet sniffer, also called a packet analyzer, protocol
analyzer or network analyzer, is used to intercept, log, and
analyze network traffic and data. Examples of tools include
Wireshark, Tcpdump, and Windump.
Firewall tools
Top firewall security management suites include Tufin,
AlgoSec, FireMon, and RedSeal.
Managed detection services
Managed detection services analyze and proactively detect
and eventually eliminate cyber threats. Alerts are investigated
to determine if any action is required.
Wireshark is a very popular network protocol analyzer tool that is used in Windows, Linux,
and Mac OS environments. Wireshark is free software that can be downloaded and used by
anyone. It is a very useful tool for learning about network protocol communications. Network
protocol analyzer skills are essential for cybersecurity analysts.
As a protocol analyzer, Wireshark shows what is happening on the network, often through a graphical user interface.
Frames that are captured by Wireshark are saved in a PCAP file. PCAP files contain the frame
information, interface information, packet length, time stamps, and even entire binary files
that are sent across the network.
Wireshark can also open files that contain captured traffic from other software such as
the tcpdump utility. Popular among UNIX-like systems such as Linux, tcpdump is a powerful
utility with numerous command-line options. The example in the command output displays a
sample tcpdump capture of ping packets.
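
To make the PCAP description above concrete, here is an added example (not part of the original document) that reads the file header and per-frame records of a capture and flags ping traffic. It assumes the classic libpcap file layout rather than pcapng; the function names and the single ICMP echo frame are constructed for illustration.

```python
import struct

# Magic bytes as stored on disk -> (struct byte order, timestamp fraction divisor)
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 10**6),  # little-endian, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": (">", 10**6),  # big-endian, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": ("<", 10**9),  # little-endian, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": (">", 10**9),  # big-endian, nanosecond timestamps
}

def parse_pcap(data):
    """Return (file_info, records) for a classic libpcap capture held in bytes."""
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic pcap file")
    order, frac = MAGICS[data[:4]]
    major, minor, _zone, _sig, snaplen, linktype = struct.unpack(order + "HHiIII", data[4:24])
    info = {"version": (major, minor), "snaplen": snaplen, "linktype": linktype}
    records, off = [], 24
    while off + 16 <= len(data):
        sec, sub, incl_len, orig_len = struct.unpack(order + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        if incl_len > snaplen or len(frame) < incl_len:  # cut-off or corrupt capture
            raise ValueError(f"truncated or corrupt record at offset {off}")
        records.append({"ts": sec + sub / frac, "captured": incl_len, "on_wire": orig_len, "frame": frame})
        off += 16 + incl_len
    return info, records

def sample_capture():
    """Constructed input: a capture holding one 42-byte Ethernet/IPv4/ICMP echo request."""
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    ip = bytes.fromhex("4500001c000100004001" "0000" "c0000201" "c0000202")  # IP checksum left zero
    icmp = bytes.fromhex("0800f7ff00000000")  # type 8 (echo request), code 0
    frame = eth + ip + icmp
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    record = struct.pack("<IIII", 1701820800, 250000, len(frame), len(frame))
    return header + record + frame

def is_icmp_echo(frame):
    """True for an Ethernet/IPv4 frame carrying an ICMP echo request or reply."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 1:
        return False
    ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
    return len(frame) > 14 + ihl and frame[14 + ihl] in (0, 8)

if __name__ == "__main__":
    info, records = parse_pcap(sample_capture())
    print(info)
    for r in records:
        print(r["ts"], r["captured"], r["on_wire"], is_icmp_echo(r["frame"]))
```

The same `parse_pcap` function works on a file written by Wireshark or tcpdump in classic pcap format when given the file's bytes.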